package cn.edu.glut.interceptor;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;

import cn.edu.glut.dto.UserIntro;
import cn.edu.glut.utils.AccessDecisionManager;
/**
 * 
 * @author Caizhfy
 * @version v.0.1
 * @createTime 2017年12月27日下午6:00:17
 * @email Caizhfy@163.com
 * @description 简易的权限管理，根据session类型来控制
 *
 */
@Configuration
public class PrivilegeInterceptor  implements HandlerInterceptor{
	final Logger logger = LoggerFactory.getLogger(PrivilegeInterceptor.class);
	@Autowired
	private AccessDecisionManager accessDecisionManager;
	
	@Override
	public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
			throws Exception {
		HttpSession session = request.getSession();
		UserIntro u = (UserIntro) session.getAttribute("user");
		String uri = request.getRequestURI().toString();
		if(accessDecisionManager.decide(u.getUserType(), uri))
			return true;
		request.getRequestDispatcher("error/403.html").forward(request, response);
		return false;
	}

	@Override
	public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler,
			ModelAndView modelAndView) throws Exception {
		// TODO Auto-generated method stub
		
	}

	@Override
	public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex)
			throws Exception {
		// TODO Auto-generated method stub
		
	}

}
